Privacy Policy

This Privacy Policy describes how Ser.Com processes the personal data of individuals (“Users”) who access, browse, and use this website/platform (www.shop.mib.edu), branded Camplus but owned by Ser.Com (the “Store”).

Data Controller

Ser.Com S.r.l.
Via L. Braibanti, 15 – 29122 Piacenza (Italy)
Email: info@sercom.com
VAT No.: 01309030334

Types of Data Collected

Among the types of personal data collected through the Store, either independently or via third parties, are:

Cookies, usage data, first name, last name, gender, date of birth, phone number, VAT number, company name, occupation, address, country, state, province, email, ZIP/postal code, various types of data, city, tax code, business sector, user ID, number of employees, username, password, image, workplace, marital status, website, billing address, and shipping address.

Other personal data may be indicated in other sections of this privacy policy or in information texts displayed at the time of data collection. Personal data may be provided voluntarily by the User or collected automatically during the use of the Store.

The use of Cookies—or other tracking tools—by this Store or third-party services used by this Store (unless otherwise stated), aims to identify the User and store preferences strictly for the delivery of the requested service. Failure to provide certain personal data may make it impossible for the Store to deliver its services.

Methods and Location of Data Processing

Processing Methods

The Data Controller processes Users’ personal data with appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of data.
Processing is carried out using IT and/or telematic tools, with organizational methods strictly related to the stated purposes.

In addition to the Data Controller, certain categories of persons involved in the operation of the Store (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data and may be appointed, if necessary, as Data Processors.

An up-to-date list of Data Processors is available from the Data Controller upon request.

Place

Data is processed at the Data Controller’s operational offices and any other location where the parties involved in processing are located. For more information, contact the Data Controller.

Retention Period

Ser.Com will process Users’ data for the duration of the requested services and until the completion of contractual obligations. Afterward, data may be retained for legal compliance purposes and only for the achievement of the specific purposes pursued.

For marketing and profiling purposes, data will be retained for 24 months after the last recorded interaction unless the User requests its deletion or modification beforehand.

Purposes and Legal Bases for Data Processing

User data is collected to allow the Data Controller to provide its services, including for the following purposes: statistics, contacting the User, managing payments, registration, and authentication. The types of personal data used for each purpose are detailed in specific sections of this document.

Details on Personal Data Processing

Contact Forms

By filling out the contact form, the User consents to the use of their data to respond to requests for information, quotes, or other inquiries as specified in the form.

Collected data includes: ZIP/postal code, city, tax code, surname, date of birth, email, user ID, address, country, first name, number of employees, fax number, phone number, VAT number, profession, province, company name, gender, business sector, state, and other types of data.

Payment Management

The Store uses third-party services to process payments via credit card, bank transfer, or other means. Payment data is acquired directly by the service provider and is not processed by the Store.

Some services may also send scheduled messages to the User, such as email invoices or payment notifications.
Example: PayPal (provided by PayPal Inc.) allows Users to make payments using their PayPal credentials. For details, refer to PayPal’s own privacy policy.

Registration and Authentication

By registering or authenticating, Users allow the Store to identify them and grant access to dedicated services. These services may be provided by third parties, allowing the Store to access some data stored by those services.

Direct registration:
The User registers by filling out a registration form and providing personal data directly to the Store.

Collected data includes: ZIP/postal code, city, tax code, surname, date of birth, email, user ID, image, address, billing address, shipping address, country, first name, number of employees, fax number, phone number, VAT number, password, profession, province, company name, workplace, gender, business sector, website, state, marital status, username, and various other types of data.

Statistics

These services allow the Data Controller to monitor and analyze traffic and track User behavior.

Google Analytics (Google Inc.):
A web analysis service provided by Google Inc. (“Google”). Google uses the collected personal data to track and examine the use of the Store, compile reports, and share them with other Google services.
Collected data: Cookies and usage data.

Marketing and Communication Activities

The data provided by the User during registration/use of the Store may also be used by the Data Controller to send promotional emails, newsletters, and marketing content, subject to the User’s consent.
Users may unsubscribe at any time by clicking the “unsubscribe” or “remove me” option in any marketing email.

Additional Information on Personal Data

Sale of Goods and Services

The personal data collected is used to provide services to the User and to sell products, including payment processing and delivery. The data collected for payment may include credit card information, bank account details, or other supported payment instruments depending on the method used.

Legal Defense

User data may be used for legal defense by the Data Controller or in preparation for legal proceedings arising from misuse of the Store or related services.
The User acknowledges that the Data Controller may be required to disclose data at the request of public authorities.

Specific Information

Upon User request, the Store may provide additional and context-specific information about particular services or the collection and processing of personal data.

System Logs and Maintenance

For operational and maintenance purposes, this Store and third-party services may collect system logs, which are files that record interactions and may also contain personal data such as the User’s IP address.

Information Not Contained in This Policy

Further information about personal data processing can be requested from the Data Controller at any time using the contact details provided.

User Rights

Data subjects have the right to obtain confirmation of the existence of their personal data at any time. The Data Controller guarantees the following rights under Article 12 of the GDPR:

  • Article 15 – Right of access

  • Article 16 – Right to rectification

  • Article 17 – Right to erasure (“right to be forgotten”)

  • Article 18 – Right to restriction of processing

  • Article 19 – Notification obligation regarding rectification or erasure

  • Article 20 – Right to data portability

  • Article 21 – Right to object

  • Article 22 – Automated individual decision-making, including profiling

Right to Lodge a Complaint

If the data subject believes that the data processing is unlawful, they may:

  • File a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) under Article 77 of the GDPR:

  • Alternatively, take legal action under Article 79 GDPR.

Changes to This Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time, by informing Users on this page. Users are encouraged to check this page frequently, referring to the “last updated” date.
If the User does not accept the changes, they must stop using the Store and may request deletion of their personal data. Unless otherwise specified, the previous policy will continue to apply to data collected up to that point.

Definitions and Legal References

  • Authorized Processor: Any individual processing data under the authority of the Controller or Processor, following their instructions.

  • Cookie: A small piece of data stored on the User’s device.

  • Personal Data: Any information relating to an identified or identifiable natural person.

  • Usage Data: Information collected automatically by the Store (or third-party services), including IP addresses, browser type, time of request, visited pages, etc.

  • User: The individual using the Store who is also the Data Subject.

  • Data Subject: The individual to whom the Personal Data refers.

  • Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the Data Controller.

  • Data Controller: The natural or legal person, public authority, agency, or other body that determines the purposes and means of processing personal data. Unless otherwise specified, the Data Controller is the owner of this Store.

  • Store: The website/platform (www.shop.mib.edu) where Users’ personal data is collected.

  • Legal References:
    This privacy policy is drafted in compliance with Legislative Decree 196/2003, Regulation (EU) 2016/679 (GDPR), and Directive 2002/58/EC, as updated by Directive 2009/136/EC on Cookies.
    This policy applies exclusively to this Store.